Change log for apache-jena package in Ubuntu

16 of 6 results
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
apache-jena (4.9.0-1) unstable; urgency=medium

  * New upstream version 4.9.0.
    - Fix CVE-2023-22665: (Closes: #1041108)
      There is insufficient checking of user queries in Apache Jena versions
      4.7.0 and earlier, when invoking custom scripts. It allows a remote user
      to execute arbitrary javascript via a SPARQL query.
    - Fix CVE-2023-32200: (Closes: #1035952)
      There is insufficient restrictions of called script functions in Apache
      Jena versions 4.8.0 and earlier. It allows a remote user to execute
      javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0
      through 4.8.0.
  * B-D on libcaffeine-java and libcommons-collections4-java.
  * Ignore org.roaringbitmap:RoaringBitmap artifact. Needs packaging.
  * Rebase and update the patches for the new release.

 -- Markus Koschany <email address hidden>  Thu, 14 Sep 2023 19:21:03 +0200

Available diffs

Superseded in noble-release
Published in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
apache-jena (4.5.0-2) unstable; urgency=medium

  * Add RDFReader.patch for backwards compatibility to fix a FTBFS in
    librdfa-java.
  * Declare compliance with Debian Policy 4.6.2.

 -- Markus Koschany <email address hidden>  Mon, 09 Jan 2023 23:32:16 +0100

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
apache-jena (4.5.0-1) unstable; urgency=high

  * New upstream version 4.5.0.
    - Fix CVE-2021-33192, CVE-2021-39239 and CVE-2022-28890. Thanks to Moritz
      Mühlenhoff for the report. (Closes: #1014982)
  * Refresh the patches.
  * Add libprotobuf-java, libtitanium-json-ld-java and libjsonp2-java to
    Build-Depends.
  * Tighten dependency on libthrift-java.
  * Declare compliance with Debian Policy 4.6.1.

 -- Markus Koschany <email address hidden>  Sat, 24 Sep 2022 13:59:54 +0200

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
apache-jena (3.17.0-3) unstable; urgency=medium

  * Remove B-D on libapache-jena-java
  * Fix debian poms file and add missing sub modules of jena-db.

 -- Markus Koschany <email address hidden>  Sun, 13 Feb 2022 13:31:52 +0100

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
apache-jena (3.17.0-2) unstable; urgency=medium

  * Remove workaround for jena-tdb2 and B-D on libapache-jena-java.
  * Add jena-tdb2-javadoc.patch.
  * Update debian/copyright and document that DAWG and DAWG-Final directories
    are also licensed under the W3C Software license.

 -- Markus Koschany <email address hidden>  Mon, 07 Feb 2022 22:44:42 +0100

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
apache-jena (3.17.0-1) unstable; urgency=medium

  * Initial release. (Closes: #986605)

 -- Markus Koschany <email address hidden>  Fri, 09 Apr 2021 19:35:26 +0200
16 of 6 results